FreeBSD Bugzilla – Attachment 150521 Details for
Bug 195918
/bin/sh crash caused by a particular script
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
bin/sh with debug enabled and check for negative value
gdb-patched-varisset.txt (text/plain), 1.90 KB, created by
Jason Unovitch
on 2014-12-13 01:17:58 UTC
(
hide
)
Description:
bin/sh with debug enabled and check for negative value
Filename:
MIME Type:
Creator:
Jason Unovitch
Created:
2014-12-13 01:17:58 UTC
Size:
1.90 KB
patch
obsolete
>Breakpoint 1 at 0x408fb0: file expand.c, line 863. >Starting program: /usr/src/bin/sh/sh > >Breakpoint 1, varisset (name=0x8015a7234 "1985234857347568347:1=2:5ù", > nulok=16) at expand.c:863 >863 if (*name == '!') >861 { >863 if (*name == '!') >865 else if (*name == '@' || *name == '*') { >877 } else if (is_digit(*name)) { >879 int num = atoi(name); >881 if (num > shellparam.nparam) >883 if (num < 0) >$1 = -1544760613 >$2 = -1544760613 >895 } >varisset (name=0xa <Error reading address 0xa: Bad address>, nulok=-858993460) > at expand.c:891 >891 if (nulok && (ap == NULL || *ap == '\0')) >895 } >evalvar (p=0x8015a724a "2:5ù", flag=3) at expand.c:703 >703 startloc = expdest - stackblock(); >692 set = varisset(var, varflags & VSNUL); >703 startloc = expdest - stackblock(); >704 if (!set && uflag && *var != '@' && *var != '*') { >703 startloc = expdest - stackblock(); >704 if (!set && uflag && *var != '@' && *var != '*') { >712 error("%.*s: parameter not set", (int)(p - var - 1), >716 if (set && subtype != VSPLUS) { >718 if (special) { >719 varvalue(var, varflags & VSQUOTE, subtype, flag); >720 if (subtype == VSLENGTH) { >745 STPUTS(val, expdest); >751 if (subtype == VSPLUS) >752 set = ! set; >754 easy = ((varflags & VSQUOTE) == 0 || >758 switch (subtype) { >824 c = p - var - 1; >825 error("${%.*s%s}: Bad substitution", c, var, >Warning: >Cannot insert breakpoint -12. >Error accessing memory address 0x7325732a2e257b24: Bad address. > >Single stepping until exit from function _longjmp, >which has no line number information. >main (argc=1, argv=0x7fffffffdbd0) at main.c:105 >105 switch (exception) { >111 exitstatus = 2; >118 if (state == 0 || iflag == 0 || ! rootshell || >121 reset(); >122 if (exception == EXINT) >124 popstackmark(&smark); >125 FORCEINTON; /* enable interrupts */ >126 if (state == 1) >128 else if (state == 2) >130 else if (state == 3) >175 cmdloop(1); > >Program exited with code 0205.
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=150521">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 195918
:
150520
| 150521 |
150522